As you can see from my comment below, this is not an insignificant change. I still think that we need to stop enabling these convenience methods since configuration allows just as easy config, yet keeps the codebase much cleaner.
I'm thinking the best thing to do is just deprecate the existing SecurityManager hierarchy and create a new, say, SimpleSecurityManager and WebSimpleSecurityManager implementations that don't provide all the extra awkward convenience methods. Then, if we find that people really want those convenience methods, we can create a SecurityManagerBuilder that provides them, since that is a better design pattern for such a task. Thoughts? Les On Tue, Jan 12, 2010 at 11:01 AM, Les Hazlewood (JIRA) <[email protected]> wrote: > > [ > https://issues.apache.org/jira/browse/SHIRO-128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12799246#action_12799246 > ] > > Les Hazlewood commented on SHIRO-128: > ------------------------------------- > > Candidate Methods and Classes to be removed as a result of this task: > > AuthenticatingSecurityManager.setAuthenticationStrategy > AuthenticatingSecurityManager.setAuthenticationListeners > AuthenticatingSecurityManager.add(AuthenticationListener) > AuthenticatingSecurityManager.remove(AuthenticationListener) > AuthenticatingSecurityManager.assertAuthenticationListenerSupport() > > AuthenticationListenerRegistrar > > AuthorizingSecurityManager.setPermissionResolver > > PermissionResolverAware > > SessionsSecurityManager.setSessionFactory > SessionsSecurityManager.setSessionDAO > SessionsSecurityManager.getGlobalSessionTimeout > SessionsSecurityManager.setGlobalSessionTimeout > SessionsSecurityManager.assertSessionListenerSupport > SessionsSecurityManager.add(SessionListener) > SessionsSecurityManager.remove(SessionListener) > > SessionListenerRegistrar > > DefaultSecurityManager.setRememberMeCipher > DefaultSecurityManager.setRememberMeCipherKey > DefaultSecurityManager.setRememberMeCipherKeyHex > DefaultSecurityManager.setRememberMeCipherKeyBase64 > DefaultSecurityManager.setRememberMeEncryptionCipherKey > DefaultSecurityManager.setRememberMeEncryptionCipherKeyHex > DefaultSecurityManager.setRememberMeEncryptionCipherKeyBase64 > DefaultSecurityManager.setRememberMeDecryptionCipherKey > DefaultSecurityManager.setRememberMeDecryptionCipherKeyHex > DefaultSecurityManager.setRememberMeDecryptionCipherKeyBase64 > > WebSecurityManager.getRememberMeManagerCookieAttribute > WebSecurityManager.setRememberMeManagerCookieAttribute > WebSecurityManager.setRememberMeCookieName > WebSecurityManager.setRememberMeCookieDomain > WebSecurityManager.setRememberMeCookiePath > WebSecurityManager.setRememberMeCookieMaxAge > WebSecurityManager.setRememberMeCookieVersion > WebSecurityManager.setRememberMeCookieSecure > WebSecurityManager.setRememberMeCookieComment > WebSecurityManager.getSessionIdCookieAttribute > WebSecurityManager.setSessionIdCookieAttribute > WebSecurityManager.getSessionIdCookieName > WebSecurityManager.getSessionIdCookieDomain > WebSecurityManager.getSessionIdCookiePath > WebSecurityManager.getSessionIdCookieMaxAge > WebSecurityManager.getSessionIdCookieVersion > WebSecurityManager.getSessionIdCookieSecure > WebSecurityManager.getSessionIdCookieComment > >> Remove convenience configuration methods >> ---------------------------------------- >> >> Key: SHIRO-128 >> URL: https://issues.apache.org/jira/browse/SHIRO-128 >> Project: Shiro >> Issue Type: Improvement >> Components: Configuration >> Affects Versions: 0.9-RC1, 0.9, 1.0 >> Reporter: Les Hazlewood >> Fix For: 1.0 >> >> >> Per this thread: >> http://www.mail-archive.com/[email protected]/msg00525.html >> Convenience 'pass through' setter methods will be removed, as they add >> complexity, verbosity and are awkward to maintain. Clean configuration can >> still be done in a number of ways, especially via property path expressions >> in .ini: >> securityManager.authenticator.authenticationStrategy = >> $myAuthenticationStrategy >> or via a Builder or in Spring environments, possibly a >> SecurityManagerFactoryBean or similar. > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. > >
